This deployment is intended for the following AWS use cases:
##Auditing your AWS for:
-
Usage and Billing.
-
User reports:
- Service access lists.
- Console Authentication history
- API Authentication history
- Cataloging:
- EC2 instances.
- S3 Buckets.
- Lambda Functions.
What do you need?
Any operating system that supports:
- Git
- Ansible
- AWSCLI (Latest Version)
To run the playbook you are required to have an existing aws configured profile with at minimum, view permissions for the services you wish to audit, To setup your AWS profile simply run the following on the host machine and supply the information.
aws configure
If you have the prerequisites all setup simply follow the steps below: Clone the git repo.
git clone https://github.com/rnjudas/audit-aws
Change directory to the local repo:
cd audit-aws
Run the Ansible playbook with any of your desired options set to true. Alternatively you are able to use this playbook as is with Jenkins or any other Ci/CD server that allows for the specification of booleans at runtime.
ansible-playbook -i 'localhost,' ./play.yml -e "ROLE=audit-aws" -e "TARGET=localhost" -e "USER=ubuntu" \
-e "USER_REPORT=true" -e "EC2_REPORT=false" -e "LAMBDA_REPORT=false" -e "S3_REPORT=false" \
-e "RDS_REPORT=false" -e "CLOUDFRONT_REPORT=false" \
-e "CLOUDFORMATION_REPORT=false" -e "COST_USAGE_REPORT=false" -e "DAYS=1" \
-e "USER_AUTH_REPORT=false"
The results of the audit can be found in private/csv
To make use of the billing module you will be required to use an AWS account with the needed policies to view billing information.
- Ansible - The automation tool used
- Vagrant - Portable virtual software maintainer
- Virtualbox - General-purpose full virtualizer for x86 hardware
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
N/A
- Renaldo Maclons - Initial work - RNJudas
See also the list of contributors who participated in this project.
This project is licensed under the MIT License - see the LICENSE.md file for details
- Henning Jacobs - AWS Cost Report - hjacobs